URIValidator Class
Use Case
The code is making requests to a URL constructed using untrusted inputs, where an input is considered untrusted if it comes from user input or other services.
AND
The URL is expected to belong to a specific set of trusted domains, the Azure Storage domains, or the Azure Key Vault domains.
If you instead expect the domain to be in any domain or an untrusted domain, see AntiSSRFPolicy.
Definition
Provides static methods for validating the hostname and protocol of URLs.
Methods
| Method | Description |
|---|---|
| InAzureKeyVaultDomain(Uri) | Validates if a URL is an Azure Key Vault endpoint. |
| InAzureKeyVaultDomain(string) | Validates if a URL is an Azure Key Vault endpoint. |
| InAzureStorageDomain(Uri) | Validates if a URL is an Azure Storage endpoint. |
| InAzureStorageDomain(string) | Validates if a URL is an Azure Storage endpoint. |
| InDomain(Uri, string) | Validates if a URL belongs to a trusted domain. |
| InDomain(string, string) | Validates if a URL belongs to a trusted domain. |
| InDomain(Uri, string[]) | Validates if a URL belongs to any of a list of trusted domains. |
| InDomain(string, string[]) | Validates if a URL belongs to any of a list of trusted domains. |